boringssl/ssl
Matt Braithwaite f4ce8e5324 Refactor ECDH key exchange to make it asymmetrical
Previously, SSL_ECDH_METHOD consisted of two methods: one to produce a
public key to be sent to the peer, and another to produce the shared key
upon receipt of the peer's message.

This API does not work for NEWHOPE, because the client-to-server message
cannot be produced until the server's message has been received by the
client.

Solve this by introducing a new method which consumes data from the
server key exchange message and produces data for the client key
exchange message.

Change-Id: I1ed5a2bf198ca2d2ddb6d577888c1fa2008ef99a
Reviewed-on: https://boringssl-review.googlesource.com/7961
Reviewed-by: David Benjamin <davidben@google.com>
2016-05-18 18:09:26 +00:00
pqueue Don't cast |OPENSSL_malloc|/|OPENSSL_realloc| result. 2016-02-11 22:07:56 +00:00
test Refactor ECDH key exchange to make it asymmetrical 2016-05-18 18:09:26 +00:00
CMakeLists.txt
custom_extensions.c
d1_both.c Simplify handshake message size limits. 2016-05-13 20:06:24 +00:00
d1_clnt.c Client auth is only legal in certificate-based ciphers. 2016-05-13 20:07:16 +00:00
d1_lib.c Adding a method to change the initial DTLS retransmission timer value. 2016-05-11 22:36:26 +00:00
d1_meth.c
d1_pkt.c Tidy up shutdown state. 2016-05-17 21:27:12 +00:00
d1_srtp.c Make kSRTPProfiles static. 2016-05-13 14:12:22 +00:00
d1_srvr.c Client auth is only legal in certificate-based ciphers. 2016-05-13 20:07:16 +00:00
dtls_record.c Move aead_{read,write}_ctx and next_proto_negotiated into ssl->s3. 2016-01-15 21:40:25 +00:00
internal.h Refactor ECDH key exchange to make it asymmetrical 2016-05-18 18:09:26 +00:00
s3_both.c Simplify handshake message size limits. 2016-05-13 20:06:24 +00:00
s3_clnt.c Refactor ECDH key exchange to make it asymmetrical 2016-05-18 18:09:26 +00:00
s3_enc.c Remove some easy obj.h dependencies. 2016-03-31 20:50:33 +00:00
s3_lib.c Remove some easy obj.h dependencies. 2016-03-31 20:50:33 +00:00
s3_meth.c
s3_pkt.c Forbid calling SSL_read, SSL_peek, and SSL_do_handshake post-shutdown. 2016-05-17 21:28:40 +00:00
s3_srvr.c Refactor ECDH key exchange to make it asymmetrical 2016-05-18 18:09:26 +00:00
ssl_aead_ctx.c Disable all TLS crypto in fuzzer mode. 2016-03-02 23:39:36 +00:00
ssl_asn1.c
ssl_buffer.c Set rwstate consistently. 2016-04-18 20:30:32 +00:00
ssl_cert.c Ensure we check i2d_X509 return val 2016-04-26 17:12:01 +00:00
ssl_cipher.c Client auth is only legal in certificate-based ciphers. 2016-05-13 20:07:16 +00:00
ssl_ecdh.c Refactor ECDH key exchange to make it asymmetrical 2016-05-18 18:09:26 +00:00
ssl_file.c Banish SSL_add_dir_cert_subjects_to_stack and OPENSSL_DIR_CTX to decrepit. 2016-04-27 18:40:25 +00:00
ssl_lib.c Forbid calling SSL_read, SSL_peek, and SSL_do_handshake post-shutdown. 2016-05-17 21:28:40 +00:00
ssl_rsa.c Add |SSL_CTX_set_private_key_method| to parallel |SSL_set_private_key_method| 2016-03-07 18:16:58 +00:00
ssl_session.c Tidy up shutdown state. 2016-05-17 21:27:12 +00:00
ssl_stat.c
ssl_test.cc BIO_new_mem_buf should take const void * 2016-02-24 19:14:19 +00:00
t1_enc.c Remove some easy obj.h dependencies. 2016-03-31 20:50:33 +00:00
t1_lib.c Simplify server_name extension parsing. 2016-04-18 20:33:35 +00:00
tls_record.c Disable all TLS crypto in fuzzer mode. 2016-03-02 23:39:36 +00:00